Techniques for accessing a backup system

ABSTRACT

A technique accesses a backup system. The technique involves receiving a logon command to logon a user to a website of the backup system. The backup system includes (i) a backup server and (ii) a web server which hosts the website to enable the user to control settings of the backup server. The technique further involves, sending, in response to receiving the logon command, a token request to the backup server through a pre-established secure data pathway to the backup server. Data is periodically backed up to the backup server through the pre-established secure data pathway. The technique further involves acquiring, in response to sending the token request, a logon token from the backup server through the pre-established secure data pathway. When the website receives the logon token during a logon operation, the website communicates with the backup server to determine whether the logon token is authentic.

BACKGROUND

A conventional computerized environment may include computers which periodically backup their information to a backup site. In such an environment, each computer is typically equipped with a backup service which sends information to be backed up to the backup site at periodic intervals (e.g., daily, hourly, etc.).

To equip the computers with the backup services, a backup technician (i.e., a designated IT person) typically installs backup service software on each computer. One conventional backup service software package includes a random number generator routine to provision each computer, during installation/setup time, with a random number which uniquely identifies that computer to the backup site.

After a computer has backed up information to the backup site, if an operator of the computer wishes to restore certain information from the backup site to that computer, the operator requests a username and password from the backup technician. The backup technician then assigns a username and a password to the operator. Using the username and the password assigned to the operator by the backup technician, the operator then logs into the backup site from that computer and directs the backup site to restore that information back on to that computer.

SUMMARY

Unfortunately, there are deficiencies to the above-described conventional computerized environment in which operators, who wish to restore information from the backup site, (i) request usernames and passwords from a backup technician and (ii) use usernames and passwords assigned by the backup technician. For example, even a medium-sized company may have hundreds of computers which are backed up by the backup site thus imposing a significant username and password assignment burden on the backup technician. Additionally, there is often a time urgency associated with information restoration (e.g., an operator's work may come to a standstill until the operator is able to restore lost information), thus making the task of assigning usernames and passwords a relatively high priority.

In contrast to the above-described conventional computerized environment in which operators must request usernames and passwords from a backup technician when restoring information, improved techniques involve acquiring a logon token from a backup server through a pre-established secure data pathway between a client device and the backup server. The logon token can then be used to logon a user to a website having certain control of the backup server (e.g., to restore data from the backup server). Such improved techniques are less burdensome, i.e., they alleviate the need for intervention by a backup technician to assign usernames and passwords. Additionally, such techniques offer minimal latency in obtaining access to the backup server through the website, e.g., time is not wasted searching for a backup technician, explaining the need for a username and password in order to restore information, and waiting for the backup technician to assign a username and password.

One embodiment is directed to a method of accessing a backup system. The method, which is performed in a client device, includes receiving a logon command to logon a user to a website of the backup system. The backup system includes (i) a backup server and (ii) a web server which hosts the website to enable the user to control settings of the backup server. The method further includes, sending, in response to receiving the logon command, a token request to the backup server through a pre-established secure data pathway between the client device and the backup server. Data is periodically backed up from the client device to the backup server through the pre-established secure data pathway in a secure manner. The method further includes acquiring, in response to sending the token request, a logon token from the backup server through the pre-established secure data pathway. The website hosted by the web server is constructed and arranged to communicate with the backup server to determine whether the logon token is authentic when the website receives the logon token during a logon operation.

Other embodiments are directed to a client device, a backup system, a backup server, a web server, a computer program product, and other components of a backup environment. Additionally, other embodiments are directed to processes which are performed by the above-mentioned components of the backup environment.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing and other objects, features and advantages will be apparent from the following description of particular embodiments of the invention, as illustrated in the accompanying drawings in which like reference characters refer to the same parts throughout the different views. The drawings are not necessarily to scale, emphasis instead being placed upon illustrating the principles of various embodiments of the invention.

FIG. 1 is a block diagram of an electronic environment which includes a client device and a backup facility.

FIG. 2 is a block diagram of the client device of FIG. 1.

FIG. 3 is a block diagram of the backup facility of FIG. 1.

FIG. 4 is a sequence diagram showing various communications which occur between certain components of the backup facility when a user accesses the backup facility.

FIG. 5 is a flowchart of a procedure which is performed by a client device of the electronic environment of FIG. 1.

DETAILED DESCRIPTION

An improved technique involves acquiring a logon token from a backup server through a pre-established secure data pathway between a client device and the backup server. The logon token can then be used to logon a user to a website having certain control of the backup server (e.g., to restore a lost file from the backup server). Such an improved technique is less burdensome, i.e., the improved technique alleviates the need for intervention by a backup technician to assign a username and a password. Furthermore, such a technique provides minimal latency when obtaining access to the backup server through the website, e.g., time is not wasted searching for a backup technician, explaining the need for a username and password in order to restore information, waiting for the backup technician to assign a username and password, and so on.

FIG. 1 shows an electronic environment 20 which enables one or more users to automatically access a backup facility in a secure manner in order to perform certain backup system operations. In particular, with such access, a user is able to perform various backup-related tasks (e.g., restore a file, set or modify certain backup settings, etc.) without participation of a backup technician.

As shown in FIG. 1, the electronic environment 20 includes multiple client devices 22(1), 22(2), . . . (collectively, client devices 22), a backup facility 24, and a communications medium 26. The backup facility 24 (or remote backup system) includes a web server 30 and a backup server 32. The web server 30 hosts a backup system website 34 which is capable of controlling (or changing) certain operational settings of the backup server 32.

The communications medium 26 connects to the client devices 22, the web server 30 and the backup server 32 to enable these components of the environment 20 to exchange electronic communications 36 among each other (e.g., illustrated by the two-sided arrow 36 in FIG. 1). Along these lines, the communications medium 26 is illustrated as a cloud because it is capable of having a variety of topologies including hub-and-spoke, backbone, loop, irregular, a combination of the Internet and LAN(s), combinations thereof, and so on.

During operation, a human backup coordinator (or administrator) configures each client device 22 to perform routine backups with the backup facility 24. In particular, the backup coordinator installs and starts backup software on each client device 22.

Once the backup software is installed and running on a client device 22, the backup software provides a user of the client device 22 with an assortment of backup services 40 including, among other things, a routine backup service to routinely backup client data 42 from the client device 22, and a restoration service to restore the client data 42 to the client device 22. For example, as a user creates and modifies client data 42(1) on the client device 22(1), the client device 22 periodically sends copies 44(1) of the created or modified client data 42(1) to the backup facility 24 to be backed up. Similarly, as a user creates and modifies client data 42(2) on the client device 22(2), the client device 22 periodically sends copies 44(2) of the created or modified client data 42(2) to the backup facility 24 to be backed up, and so on. As a result, the backup facility 24 safely maintains the copies 44 of the client data 42 for possible restoration, while users access the original client data 42 locally on their respective client devices 22.

It should be understood that the client devices 22 can initiate communications with the backup facility 24 through the communications medium 26 without any custom setup by the users of the client devices 22 or by the backup coordinator. Rather, each client device 22 is equipped with the ability to uniquely identify itself to the backup facility 24 (e.g., via random number generation, via network address, combinations thereof, etc.) thus enabling the backup facility 24 to distinguish the client devices 22 from each other without substantially burdening the users of the client devices 22 or the backup coordinator. Such operation enables the backup server 32 to uniquely identify each client device 22 when saving copies 44 of the client data 42.

It should be further understood that some of the electronic communications 36 between the client devices 22 and the backup server 32 occur through pre-established secure data pathways 50. In some arrangements, prior to starting backups on a client device 22, the backup coordinator provisions that client device 22 (as well as the backup server 32) with standard cryptographic protocols (e.g., keys, certificates, etc.) to create a secure data pathway 50 between that client device 22 and the backup server 32 for secure bidirectional communications through the communications medium 26. Accordingly, the client device 22 is then able to periodically transmit copies 44 of the client data 42 (new files/blocks, modified files/blocks, etc.) in a manner which prevents eavesdropping and/or tampering. In some arrangements, the secure data pathways 50 are standard encrypted Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) connections. Such secure data pathway provisioning can occur as part of the backup software installation process, or separately from the backup software installation process.

Once the secure data pathways 50 are in place (and re-creatable if destroyed), the client devices 22 transfer copies 44 of the client data 42 through the secure data pathways 50 in accordance with backup schedules (e.g., once a day, once an hour, every 15 minutes, customized times, etc.). After the backup facility 24 receives the copies 44 of the client data 42, the backup facility 24 is capable of performing restoration operations without burdening a backup coordinator, administrator or technician.

In particular, the backup facility 24 allows users to access the backed up copies 44 of the client data 42 via the backup system website 34 using logon tokens 52 obtained from the backup server 32 in lieu of usernames and passwords assigned by a backup technician. Along these lines, when the backup services 40 of a client device 22 receives a command from a user to connect to the backup system website 34, the website obtains a logon token 52 from the backup server 32 on behalf of the user. The backup services 40 then activates web browser circuitry and passes the web browser circuitry (i) a URL (Uniform Resource Locator) for the backup system website 34, (ii) an identifier of the client device 22 (e.g., a random string of symbols/characters/numbers which uniquely identifies the client device 22 among other client devices 22), and (iii) the logon token 52. In some arrangements, the identifier of the client device 22 is a random string, 30-40 characters long.

When the website 34 receives the identifier of the client device 22 and the logon token 52, the website 34 communicates with the backup server 32 to authenticate the logon token 52 and thus authenticate the user. If authentication is successful, the website 34 properly logs on the user. However, if authentication is unsuccessful, the website 34 does not logon the user. As a result, users are able to securely retrieve the backed up copies 44 of the client data 42 without intervention by the backup technician.

In some arrangements, the logon tokens 52 are one-time use tokens. That is, such tokens can be used only once to logon thus preventing the possibility of replay attacks. Furthermore, such tokens become invalid if not used within a certain predefined expiration window of time. In some arrangements, each logon token 52 is a string of symbols (e.g., six characters/numbers for easy viewing and copying via a keyboard, a string of many characters/numbers to make viewing and copying more difficult, and so on).

Additionally, in some arrangements, the website 34 returns a web-based logon cookie that enables the client device 22 to access the website in a subsequent logon session without any logon token 52 and/or any username/password. Further details will now be provided with reference to FIG. 2.

FIG. 2 shows particular details of a computerized client device 60 which is suitable for use as any of the client devices 22 in FIG. 1. The computerized client device 60 includes a user interface 62, a network interface 64, processing circuitry 66, and local non-volatile storage 68. The user interface 62 (e.g., a keyboard, mouse and display) is constructed and arranged to receive input from a user, and provide output to the user. The network interface 64 (e.g., a network adapter, a network card, etc.) is constructed and arranged to connect to the communications medium 26 and thus enable the computerized client device 60 to exchange electronic communications 36 with other devices through the communications medium 26 (also see FIG. 1). The processing circuitry 66 (e.g., a set of processors and memory) is constructed and arranged to perform a variety of computerized operations or tasks. The local non-volatile storage 68 (e.g., magnetic disk drives, flash drives, etc.) is constructed and arranged to store data (e.g., files, blocks, records, etc.) in a persistent manner.

As further shown in FIG. 2, the processing circuitry 66 includes web browser circuitry 70, other high level circuitry 72 (e.g., word processor circuitry, spreadsheet circuitry, email circuitry, etc.) for creating and/or modifying client data 42, backup services circuitry (or backup agent) 74, and operating system circuitry 76. Such circuitry can be implemented as a set of processors running in accordance with one or more software constructs (e.g., application suites, programs, toolkits, scripts, drivers, etc.), as specialized hardware circuits (e.g., application specific integrated circuits, field programmable gate arrays, discrete components, etc.), as firmware, combinations thereof, and so on.

Additionally, in the context of a processor running in accordance with particular software constructs, a computer program product 78 is capable of delivering each software construct to the computerized client device 60. The computer program product 78 has a non-transitory (or non-volatile) computer readable storage medium which stores a set of instructions which controls operation of the processing circuitry 66. Examples of suitable computer readable storage media include tangible articles of manufacture and apparatus which store instructions in a non-volatile manner such as CD-ROM, flash memory, disk memory, tape memory, and the like.

During operation of the computerized client device 60, the operating system circuitry 76 effectively and efficiently allocates computerized resources (processor cycles, memory space, etc.) within the computerized client device 60. The backup services circuitry 74, which receives processing time and memory from the operating system circuitry 76, provides a variety of backup and restoration services to the user. Along these lines, the backup services circuitry 74 routinely provides copies 44 of newly created and/or modified client data 42 to the backup facility 24 through a pre-established secure data pathway 50 between the computerized client device 22 and the backup server 32 of the backup facility 24 formed through the communications medium 26 (also see FIG. 1).

Additionally, as will be explained in further detail shortly, the backup services circuitry 74 is able to obtain a logon token 52 from the backup server 32 of the backup facility 24 on behalf of the user. The user is then able to provide the logon token 52 to the website 34 hosted by the web server 30 for authentication purposes. In this manner, the user is able to properly logon to the website 34 and gain control over certain functions of the backup server 32, e.g., change backup settings, restore data, etc. (also see FIG. 1). Such activity is capable of occurring without involvement from a backup technician. Further details will now be provided with reference to FIG. 3.

FIG. 3 shows particular details of the backup facility 24 of the electronic environment 20 (also see FIG. 1). As shown in FIG. 3, the web server 30 includes a network interface 80 and control circuitry 82. The network interface 80 (e.g., a network adapter, a network card, etc.) is constructed and arranged to connect to the communications medium 26 and thus enable the web server 30 to exchange communications with other devices through the communications medium 26. The control circuitry 82 (e.g., a set of processors and memory to run specialized software) is constructed and arranged to host the website 34.

The backup server 32 includes a network interface 90, control circuitry 92, and non-volatile storage 94. The network interface 90 (e.g., a network adapter, a network card, etc.) is constructed and arranged to connect to the communications medium 26 and thus enable the backup server 32 to exchange communications with other devices through the communications medium 26 (also see FIG. 1). The control circuitry 92 (e.g., a set of processors and memory to run specialized software) is constructed and arranged to perform a variety of backup/restore operations or tasks. In particular, the control circuitry 92 is responsible for backing up the copies 44 of the client data 42 from the client devices 22 to the non-volatile storage 94 (e.g., magnetic disk drives, flash drives, etc.) based on particular control settings 96 (e.g., a backup schedule, parameters identifying source locations to back up, and so on). Additionally, the control circuitry 94 is responsible for restoring the copies 44 of the client data 42 from the non-volatile storage 94 to the client devices 22 in response to input from the website 34 of the web server 30.

As further shown in FIG. 3, the control circuitry 92 of the backup server 32 includes an authentication module 98 which is capable of controlling user access. In particular, the authentication module 98 is constructed and arranged to provide logon tokens 52 and subsequently authenticate users attempting to logon to the backup system website 34 based on the provided logon tokens 52. Further details about authentication of users of the website 34 will be provided shortly.

As illustrated by the double arrow 100, the backup server 32 conducts secure communications 102 with the client devices 22 through pre-established secure data pathways 50 (e.g., SSL connections). Recall, that such secure data pathways 50 are set up prior to backing up the copies 44 of the client data 42 from the client devices 22. With the pre-established secure data pathways 50 in place, backups are then performed in a secure manner thus preventing eavesdropping and tampering of the data.

In some arrangements, the respective pre-established secure data pathway 50 between the client device 22 and the backup server 32 is created (or re-created) prior to each backup operation performed by the client device 22, and then destroyed at completion of each backup operation. Such arrangements advantageously minimize ongoing consumption of certain computerized resources (e.g., memory resources of the client device 22).

In other arrangements, the respective pre-established secure data pathway 50 between the client device 22 and the backup server 32 stays intact continuously over multiple backup operations between the client device 22 and the backup server 32. Such arrangements advantageously minimize network traffic associated with creating (and destroying) the pathway 50.

It should be understood that, while the pre-established secure data pathways 50 are in place, the backup services circuitry 74 (FIG. 2) of the client devices 22 are able to logon users of the client devices 22 to the backup system website 34 in response to user commands in an automated manner, i.e., without participation by a backup coordinator. For example, suppose that a user of a client device 22 wishes to obtain access to the backup facility 24 to restore a file. The user enters a logon command into a user input/output (I/O) component of the backup services circuitry 74, and a lower-level component of the backup services circuitry 74 responds to the logon command by requesting and receiving a logon token 52 through a secure data pathway 50 to the backup server 32. Such operation enables secure delivery of the logon token 52 from the backup server 32 to the client device 22 for use in logging on to the backup system website 34.

Once the lower-level component of the backup services circuitry 74 of a client device 22 receives the logon token 52 from the backup server 32, the user I/O component of the backup services circuitry 74 activates the web browser circuitry 70 of the client device 22 to initiate web-based communications 110 between the web browser circuitry 70 and the website 34 of the web server 30 (also see the double arrow 112 in FIG. 3). In particular, the user I/O component of the backup services circuitry 74 provides the URL 114 of the website 34, an identifier 116 of the client device 22 and the logon token 52 to the web browser circuitry 70. In the context of a processor running backup services software, activating the web browser circuitry 70 involves launching a web browser application. In the context of specialized hardware, activating the web browser circuitry 70 involves providing an enable signal to a web browser circuit to enable normal operation of the web browser circuit.

The web browser circuitry 70 then delivers the identifier 116 to the website 34 to uniquely identify the client device 22 to the website 34, and the logon token 52 to authenticate to the website 34. Upon receipt of the identifier 116 and the logon token 52 from the web browser circuitry 70 of the client device 22, the website 34 communicates with the backup server 32 to authenticate the user (see the double arrow 120 in FIG. 3). In particular, if the backup server 32 determines that the logon token 52 matches the logon token 52 that it provided earlier to the backup services circuitry 74 of the particular client device 22, the backup server 32 informs the website 34 that the user has successfully authenticated, and the website 34 properly logs on the user. Once the user has properly logged on, the user is able to perform various operations such as restore a copy 44 of client data 42 from the backup server 32 to the client device 22, change the backup schedule, change what data is backed up, and so on. In some arrangements, the website 34 immediately prompts the user to formally set up a username and a password for subsequent authentication sessions before allowing the user to perform other activities. In other arrangements, the website 34 provides a web-based logon cookie to the client device 22 to enable authentication without further need for a logon token 52 and/or a username/password. Other arrangements and combinations of arrangements are suitable for use as well.

However, if the backup server 32 determines that the logon token 52 does not match the logon token 52 that it provided earlier to the backup services circuitry 74 of the particular client device 22, the backup server 32 informs the website 34 that authentication has failed, and the website 34 then takes remedial action. For example, the website 34 can deny further website access to the user, send a message to the backup coordinator warning of the failed authentication, and so on. Further details of the communications within the electronic system 20 will now be provided with reference to FIG. 4.

FIG. 4 is a sequence diagram showing particular participating portions of the electronic environment 20. The backup service circuitry 74 is illustrated as having a user I/O component 150 and a lower-level component 152 since, in some arrangements, the backup service circuitry 74 is implemented in modular form. That is, in some modularized arrangements, the backup service circuitry 74 includes a user I/O module, an underlying communications (or portal) module, a data restoration module, a diagnostic module, and so on. In the context of a processor which runs a set of applications, certain modules may at times be active or inactive. For example, a user I/O module may be inactive if not invoked to save client device 22 resources. However, other modules such as an underlying communications module may stay active continuously to perform background tasks and perhaps to minimize latency when it is quickly called upon for service by another module (e.g., by the user I/O module). Moreover, in some arrangements, the various modules are constructed and arranged to make SOAP (Simple Object Access Protocol) calls when requesting certain services.

As shown in FIG. 4, the user I/O component 150 is constructed and arranged to receive user commands and output information to the user. Additionally, the lower-level component 152 is constructed and arranged to communicate with (i) the user I/O component 150 (e.g., local inter-process communications) and (ii) the backup server 32 through a pre-established secure data pathway 50 (e.g., an SSL connection through which to securely send client data, also see FIG. 3).

Further details will now be provided regarding how the electronic environment 20 provides a particular client device 22 with access to the backup facility 24. Along these lines, when the user wishes to logon to the backup system website 34 from the particular client device 22, the user activates the user I/O component 150 and enters a logon command 160 into the user I/O component 150. In some arrangements, the user I/O component 150 provides a lightweight graphical user interface (GUI) on a display (also see the user interface 62 in FIG. 2), and the user selects a menu option such as “Connect to Backup Server” or “Go To Website”.

In response, the user I/O component 150 of the backup services circuitry 74 receives the logon command 160 from the user and passes the logon command 160 to the lower-level component 152 of the backup services circuitry 74. The backup services circuitry 74 then sends a logon token request 162 for a logon token 52 to the backup server 32 through a pre-established secure data pathway 50 between the client device 22 and the backup server 32 (also see FIG. 3). The request 162 may include an identifier 116 to conveniently identify the particular client device 22 among other client devices 22 to the backup server 32. The pre-established secure data pathway 50 may be the same secure connection (e.g., use the same certificates, other access controls, etc.) that the backup services circuitry 74 utilizes when sending copies 44 of client data 42 to the backup server 32 for backing up.

In response to the request 162 for a logon token 52, the backup server 32 provides a response 164 which includes a logon token 52. The backup server 32 is able to maintain a record associating the logon token 52 with the particular client device 22 for authentication purposes. As a result, the backup server 32 is able to assign and manage logon tokens 52 for multiple client devices 22 simultaneously.

Upon receipt of the response 164 containing the logon token 52, the lower-level component 152 of the backup services circuitry 74 passes the logon token 52 up to the user I/O component 150. When the user I/O component 150 receives the logon token 52, the user I/O component 150 provides data 166 which includes the logon token 52 to the web browser circuitry 70. The user I/O component 150 then provides activation 166 to the web browser circuitry 70 (e.g., launches a web browser application) and provides the running web browser circuitry 70 with a URL 114 of the website 34, the identifier 116 which identifies the particular client device 22, and the logon token 52.

The web browser circuitry 70 then sends a web-based request 168 (e.g., an HTTP GET request) to the website 34 hosted by the web server 30 of the backup facility 24. The web-based request 168 includes the logon token 52 and the identifier 116.

When the website 34 receives the web-based request 168 from the web browser circuitry 70 of the client device 22, the website 34 sends an authentication request 170 to the backup server 32 of the backup facility 24. The authentication request 170 includes the logon token 52 and the identifier 116. In some arrangements, a secure data pathway continuously exists between the web server 30 and the backup server 32 through which the servers exchange secure communications.

Next, the backup server 32 responds to the authentication request 170 by comparing the received logon token 52 to the assigned logon token 52 that it provided earlier to the particular client device 22 through the pre-established secure data pathway 50. The backup server 32 then provides an authentication response 172 to the website 34 indicating whether authentication is successful. In particular, if there is a match, the backup server 32 indicates that authentication is successful in the authentication response 172. However, if there is not a match, the backup server 32 indicates that authentication has failed in the authentication response 172.

Upon receipt of the authentication response 172 from the backup server 32, the website 34 provides a web-based response 174 to the web browser circuitry 70 of the particular client device 22. In particular, if authentication is successful, the web-based response 174 includes a web page indicating that the user is successfully logged in and allowing the user to control various operational settings of the backup server 32. In some arrangements, the web-based response 174 prompts the user to create a personal username and password for subsequent logon sessions before allowing the user further access to the backup server 32.

If authentication is unsuccessful, the web-based response 174 is different. For example, the web-based response 174 may deny access to the backup server 32. Alternatively, the web-based response 174 may send an alarm to the backup coordinator. Other types of remedial replies are suitable for use as well. Further details will now be provided with reference to FIG. 5.
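
The token handling described above for the authentication module 98 (issue on token request 162, compare on authentication request 170, one-time use, expiration window, record tied to the identifier 116) can be expressed in Python as follows. This is an added example, not code from the patent; the class and method names, the 120-second window, the token length, and the choice to invalidate a token after a failed attempt are assumptions.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 120  # assumed expiration window; the page gives no value


def _digest(token: str) -> bytes:
    return hashlib.sha256(token.encode("utf-8")).digest()


class AuthenticationModule:
    """Hypothetical stand-in for authentication module 98 on backup server 32."""

    def __init__(self, ttl=TOKEN_TTL_SECONDS, clock=time.monotonic):
        self._ttl = ttl
        self._clock = clock
        # client identifier 116 -> (SHA-256 of token, expiry time)
        self._pending = {}

    def issue_token(self, client_id: str) -> str:
        """Token request 162, received over the secure data pathway 50."""
        token = secrets.token_urlsafe(32)  # CSPRNG output, 43 URL-safe characters
        # Only a hash is kept, and a new request replaces any outstanding token.
        self._pending[client_id] = (_digest(token), self._clock() + self._ttl)
        return token

    def authenticate(self, client_id: str, presented_token: str) -> bool:
        """Authentication request 170, sent by the website."""
        # pop() removes the record whatever the outcome: a token cannot be
        # replayed, and a wrong guess forces a fresh token request (assumed
        # policy; it matters most for short, six-character tokens).
        record = self._pending.pop(client_id, None)
        if record is None:
            return False
        stored, expires_at = record
        if self._clock() >= expires_at:
            return False
        # Constant-time comparison of the two digests.
        return hmac.compare_digest(stored, _digest(presented_token))


class Website:
    """Hypothetical stand-in for website 34: it defers to the backup server."""

    def __init__(self, auth: AuthenticationModule):
        self._auth = auth

    def handle_logon(self, client_id: str, token: str) -> str:
        ok = self._auth.authenticate(client_id, token)
        return "logged on" if ok else "denied"


class FakeClock:
    """Controllable clock so the expiry case runs without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def run_demo() -> dict:
    clock = FakeClock()
    auth = AuthenticationModule(ttl=120, clock=clock)
    site = Website(auth)
    a, b = "constructed-client-id-A", "constructed-client-id-B"  # constructed ids
    out = {}

    token = auth.issue_token(a)
    out["first_use"] = site.handle_logon(a, token)
    out["replay"] = site.handle_logon(a, token)          # same token again

    token = auth.issue_token(a)
    out["other_client"] = site.handle_logon(b, token)    # token bound to A only
    out["right_client"] = site.handle_logon(a, token)

    token = auth.issue_token(a)
    clock.advance(121)                                   # past the window
    out["expired"] = site.handle_logon(a, token)

    token = auth.issue_token(a)
    out["bad_guess"] = site.handle_logon(a, "000000")
    out["after_bad_guess"] = site.handle_logon(a, token)  # burned by the guess
    return out


if __name__ == "__main__":
    for case, result in run_demo().items():
        print(f"{case}: {result}")
```

Invalidating on a failed attempt trades availability for guess resistance: anyone who knows a client identifier can void that client's outstanding token, so a deployment may prefer a small attempt counter instead.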

FIG. 5 is a flowchart of a procedure 200 which is performed by a client device 22 during operation of the electronic environment 20 (also see FIGS. 1-4). The procedure 200 is performed to logon a user to the backup system website 34 of the backup facility 24 without burdening a backup coordinator.

In step 202, the client device 22 receives a logon command 160 to logon a user to the website 34 hosted by the web server 30 of the backup facility 24 (FIG. 1). For example, the user may wish to control certain settings of the backup server 32 such as change a backup source location or backup frequency, or to restore client data 42 to the client device 22.

In step 204, the client device 22 sends, in response to receiving the logon command 160, a logon token request 162 (FIG. 4) to the backup server 32 through a pre-established secure data pathway 50 between the client device 22 and the backup server 32. Recall that copies 44 of client data 42 are periodically (e.g., daily, hourly, etc.) backed up from the client device 22 to the backup server 32 through the pre-established secure data pathway 50 in a secure manner.

In step 206, the client device 22 acquires, in response to sending the logon token request 162, a logon token 52 from the backup server 32 through the pre-established secure data pathway 50. With the logon token 52, the client device 22 is able to logon the user to the backup system website 34.

In step 208, the client device 22 provides the logon token 52 to the backup system website 34 during a logon operation. In particular, the client device 22 sends a web-based request 168 to the backup system website 34 (FIG. 4). Recall that the client device 22 transmits the logon token 52 through a pathway which is different than the pre-established secure data pathway 50. The website 34 then communicates with the backup server 32 to determine whether the logon token 52 is authentic.

In step 210, once authentication at the website 34 has successfully completed, the client device 22 provides the user with access to the backup server 32 through the website 34. Accordingly, the user is able to perform various backup system operations without bothering a backup coordinator. For example, the user is able to restore a particular file from the backup server 32 to the client device 22 without intervention by the backup coordinator. Along these lines, the user provides a restore command to the website 34, and the restore command directs the website 34 to carry out a restore operation on the backup server 32 through the communications medium 26 (FIG. 1) to restore the particular file from the backup server 32 to the client device 22. Other operations are available as well such as changing a backup parameter, creating a username and password, and so on.
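The token issue and compare exchange of steps 204 to 210, together with the handling of authentication request 170 and the deny/alarm replies, can be modelled as follows. This is an added Python example, not code from the patent: the class and method names, the token lifetime, storing only a hash of the token, and consuming the token on any attempt are assumptions, while one-time use follows claim 4.

```python
import hashlib
import hmac
import secrets
import time


class BackupServer:
    """Stand-in for backup server 32 (hypothetical API, not from the patent)."""

    def __init__(self, ttl_seconds=120, clock=time.monotonic):
        self._ttl = ttl_seconds      # assumption: the page states no lifetime
        self._clock = clock
        self._assigned = {}          # identifier -> (sha256(token), expiry)

    def issue_logon_token(self, identifier):
        """Answer a token request that arrived over the secure data pathway."""
        token = secrets.token_urlsafe(32)            # 256 bits from the CSPRNG
        digest = hashlib.sha256(token.encode()).digest()
        self._assigned[identifier] = (digest, self._clock() + self._ttl)
        return token

    def authenticate(self, identifier, token):
        """Answer the website's authentication request (token + identifier)."""
        # Pop on every attempt: the token is single use and a wrong guess
        # burns it, so the client must request a fresh one (fail closed).
        record = self._assigned.pop(identifier, None)
        if record is None:
            return False
        digest, expiry = record
        presented = hashlib.sha256(token.encode()).digest()
        # Constant-time comparison of received token against assigned token.
        return hmac.compare_digest(digest, presented) and self._clock() <= expiry


class Website:
    """Stand-in for website 34: forwards the token, never validates it itself."""

    def __init__(self, backup_server):
        self._backup = backup_server
        self.alarms = []             # identifiers reported to the coordinator

    def logon(self, identifier, token):
        if self._backup.authenticate(identifier, token):
            return "logged-in"
        self.alarms.append(identifier)   # remedial reply: deny and raise alarm
        return "denied"


def demo():
    """Constructed run: one valid logon, then a replay of the same token."""
    server = BackupServer()
    site = Website(server)
    token = server.issue_logon_token("client-22")   # steps 204 and 206
    first = site.logon("client-22", token)          # step 208, second pathway
    replay = site.logon("client-22", token)         # replayed token is refused
    return first, replay, site.alarms
```

Because the token travels over a second pathway that is not the secure data pathway, the short lifetime and single use are what limit the value of a token captured in transit.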

As described above, improved techniques involve acquiring a logon token 52 from a backup server 32 through a pre-established secure data pathway 50 between a client device 22 and the backup server 32. The logon token 52 can then be used to logon a user to a website 34 having certain control of the backup server 32 (e.g., to restore data from the backup server). Such improved techniques are less burdensome, i.e., they alleviate the need for intervention by a backup technician to assign usernames and passwords. Additionally, such techniques offer minimal latency in obtaining access to the backup server 32 through the website 34, e.g., time is not wasted searching for a backup technician, explaining the need for a username and password in order to restore information, waiting for the backup technician to assign a username and password, and so on.

While various embodiments of the invention have been particularly shown and described, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

For example, it should be understood that backups and restores were described above as occurring on the same client device 22 by way of example only. In some arrangements, backups and restores are performed on different client devices 22. In particular, a first client device 22 is capable of providing copies 44 of client data 42 to the backup server 32. Then, the user is able to obtain a logon token 52 by requesting the logon token 52 using that first client device 22. Once the user has obtained the logon token 52, the user is capable of logging on to the website 34 by manually activating web browser circuitry 70 on a second client device 22 (e.g., launching a web browser) and entering the value of the logon token 52 (e.g., a string of characters) into the second client device 22 to authenticate the second client device 22 with the backup system website 34. Such a situation may occur if the user needs to migrate data backed up from the first client device 22 to the second client device 22.

Additionally, it should be understood that the web server 30 and the backup server 32 are located in separate devices in some arrangements. Such a situation may occur to separate the resource demands by the servers 30, 32. For example, the web server 30 may then be provisioned with enhanced web serving capabilities (e.g., with low storage but high processing power). Similarly, the backup server 32 may be provisioned with enhanced storage capabilities (e.g., as an array of disks for RAID, with multiple network adapters for load balancing and fault tolerance, etc.).

However, in other arrangements, the web server 30 and the backup server 32 are co-located on the same device. In these arrangements, the communications between the web server 30 and the backup server 32 (see the double arrow 120 in FIG. 3) may be exclusively internal to the device.

What is claimed is:
1. In a computerized client device, a method of accessing a backup system, the method comprising: receiving a logon command to logon a user to a website of the backup system, the backup system including (i) a backup server and (ii) a web server which hosts the website to enable the user to control settings of the backup server; in response to receiving the logon command, sending a token request to the backup server through a pre-established secure data pathway between the computerized client device and the backup server, data being periodically backed up from the computerized client device to the backup server through the pre-established secure data pathway in a secure manner; and in response to sending the token request, acquiring a logon token from the backup server through the pre-established secure data pathway between the computerized client device and the backup server, the website hosted by the web server being constructed and arranged to communicate with the backup server to determine whether the logon token is authentic when the website receives the logon token during a logon operation; and after the computerized client device acquires the logon token, providing the logon token to the website during the logon operation to logon the user to the website of the backup system, wherein providing the logon token to the website during the logon operation includes transmitting the logon token from the computerized client device to the web server through a second pathway which is different than the pre-established secure data pathway between the computerized client device and the backup server.
2. The method as in claim 1, wherein transmitting the logon token from the computerized client device to the web server through the second pathway includes: after particular data has been backed up from the computerized client device to the backup server through the pre-established secure data pathway, sending the logon token to the web server through the second pathway as part of a website logon session.
3. The method as in claim 1, further comprising: automatically launching a web browser on the computer client device in response to the logon command, the logon token being provided to the website via the automatically launched web browser.
4. The method as in claim 3 wherein acquiring the logon token from the backup server includes obtaining, as the logon token, a onetime use token from the backup server; and wherein providing the logon token to the website during the logon operation includes sending the onetime use token from the web browser to the website to logon the user to the website.
5. The method as in claim 3, further comprising: in response to the user successfully logging on to the website, receiving a logon cookie from the website through the web browser and storing the logon cookie in the computerized client device for use in a subsequent website logon session, and after the logon cookie is stored in the computerized client device, sending contents of the logon cookie from the computerized client device to the website as part of the subsequent website logon session.
6. The method as in claim 3, further comprising: in response to the user successfully logging on to the website, prompting the user to create a unique username and password for use in a subsequent website logon session, and after the user has created the unique username and password, conveying the unique username and password from the computerized client device to the website as part of the subsequent website logon session.
7. The method as in claim 1, wherein the backup server is to backup data from multiple computerized client devices; wherein the data which is periodically backed up from the computerized client device to the backup server includes a particular file; and wherein the method further comprises: after the logon token is provided to the website during the logon operation to logon the user to the website, restoring the particular file from the backup server to the computerized client device.
8. The method as in claim 7 wherein the web server communicates with the backup server through a computer network; and wherein restoring the particular file from the backup server to the computerized client device includes: providing a restore command to the website hosted by the web server, wherein the restore command is to direct the website to carry out a restore operation on the backup server through the computer network to restore the particular file from the backup server to the computerized client device.
9. A computerized client device, comprising: a user interface; a network interface; a controller coupled to the user interface and the network interface, the controller to: receive, through the user interface, a logon command to logon a user to a website of a backup system, the backup system including (i) a backup server and (ii) a web server which hosts the website to enable the user to control settings of the backup server, in response to receiving the logon command, send a token request to the backup server through the network interface and a pre-established secure data pathway between the computerized client device and the backup server, data being periodically backed up from the computerized client device to the backup server through the network interface and the pre-established secure data pathway in a secure manner, in response to sending the token request, acquire a logon token from the backup server through the network interface and the pre-established secure data pathway between the computerized client device and the backup server, the website hosted by the web server being constructed and arranged to communicate with the backup server to determine whether the logon token is authentic when the website receives the logon token during a logon operation; and provide the logon token to the website during the logon operation to logon the user to the website of the backup system, wherein the controller, when providing the logon token to the website during the logon operation, is to transmit the logon token from the computerized client device to the web server through a second pathway which is different than the pre-established secure data pathway between the computerized client device and the backup server; and at least one hardware processor to implement the controller.
10. The computerized client device as in claim 9, wherein the controller is further to: automatically launch a web browser on the computer client device in response to the logon command, the logon token being provided to the website via the automatically launched web browser.
11. The computerized client device as in claim 9, further comprising: non-volatile storage coupled to the controller; wherein the backup server is to backup data from multiple computerized client devices; wherein the data which is periodically backed up from the computerized client device to the backup server includes a particular file; and wherein the controller is further to, after the logon token is provided to the website during the logon operation to logon the user to the website, restore the particular file from the backup server to the non-volatile storage.
12. A non-transitory computer readable storage medium that stores a set of instructions which, when carried out by a computerized client device, cause the computerized client device to: receive a logon command to logon a user to a website of the backup system, the backup system including (i) a backup server and (ii) a web server which hosts the website to enable the user to control settings of the backup server; in response to receiving the logon command, send a token request to the backup server through a pre-established secure data pathway between the computerized client device and the backup server, data being periodically backed up from the computerized client device to the backup server through the pre-established secure data pathway in a secure manner; in response to sending the token request, acquire a logon token from the backup server through the pre-established secure data pathway between the computerized client device and the backup server, the website hosted by the web server being constructed and arranged to communicate with the backup server to determine whether the logon token is authentic when the website receives the logon token during a logon operation; and provide the logon token to the website during the logon operation to logon the user to the website of the backup system, wherein the set of instructions further cause the computerized client device, when providing the logon token to the website during the logon operation, to transmit the logon token from the computerized client device to the web server through a second pathway which is different than the pre-established secure data pathway between the computerized client device and the backup server.
13. The non-transitory computer readable storage medium as in claim 12, wherein the set of instructions further cause the computerized client device to: automatically launch a web browser on the computer client device in response to the logon command, the logon token being provided to the website via the automatically launched web browser.
14. The non-transitory computer readable storage medium as in claim 12, wherein the backup server is to backup data from multiple computerized client devices; wherein the data which is periodically backed up from the computerized client device to the backup server includes a particular file; and wherein the set of instructions further cause the computerized client device to, after the logon token is provided to the website during the logon operation to logon the user to the website, restore the particular file from the backup server to the computerized client device.